Apple warns potential victims of government-controlled spyware attacks

Apple is taking action against the spyware manufacturer NSO. Its software is primarily used by government agencies to spy on citizens who these authorities suspect of any kind of violations. Especially in countries with a weak rule of law, the software is often used to incriminate regime critics.

The software of the NSO-Group called Pegasus tries to exploit vulnerabilities in iOS and other platforms to infiltrate the smartphones of the target persons of their clients. These typically include journalists, activists, dissidents, academics, and government officials.

In addition to taking legal action against the spyware manufacturer, Apple has announced that it will notify the “small number of users” who have attacked via the “forced entry exploit” for a security hole that has since been patched and made it possible to install Pegasus on their devices became. In addition, users are to be notified, from whom Apple believes that they could be affected by “government-controlled spyware attacks”. The company explains the procedure in a new support document.

Appropriate notifications are then sent to the users concerned by email and iMessage to the addresses and telephone numbers that are linked to their respective Apple IDs. The notifications will contain additional information on what users can do to protect their devices. A prominent “Threat Notification” banner will also appear at the top of the page when those affected sign in to the Apple ID website.

Users should never be asked to click on links or install apps via the e-mail and iMessage notifications. If you receive notifications that contain links and pretend to be from Apple, it is certainly fakes. Apple recommends that users manually log into their own Apple account to check for threat notifications and to learn what to do next.

The manufacturer points out that, on the one hand, these notifications can lead to false positives and, on the other hand, some attacks can even go undetected, as the company is confronted with constantly evolving tactics from state-controlled attackers. Apple promises to develop its own threat detection methods as well.

Whether or not you received a threat alert from Apple, the company recommends the following steps:

• Update your devices to the latest software as it contains the latest security fixes.
• Protect your devices with a passcode.
• Uses two-factor authentication and a strong password for the Apple ID.
• Installs apps from the App Store only.
• Uses secure and unique passwords online.
• Don’t click on links or attachments from unknown senders.

These measures should actually be common sense. In addition, Apple has posted a list of emergency resources on its Consumer Reports Security Planner website to help users who have not received an Apple threat report but believe they have been targeted by government-sponsored attackers, get expert help.

On Wednesday it became known that Apple’s new warning system against state spyware attacks is actually already active and is having consequences. At least six activists and scientists in Thailand who are considered critical of the government have received warning notices. The news agency reports Reuters.